Nothing thats been done in the past two years stopped Snowden, and so that fact alone casts a shadow over this whole endeavor, said Steven Aftergood, director of the non-profit Federation of American Scientists Project on Government Secrecy. Whatever theyve done is apparently inadequate.
U.S. history is replete with cases in which federal agencies missed signs that trusted officials and military officers were stealing secrets. The CIA, for example, failed for some time to uncover Aldrich Ames, a senior officer who was one of the most prolific Soviet spies in U.S. history, despite polygraphs, drunkenness, and sudden and unexplained wealth.
Stopping a spy or a leaker has become even more difficult as the government continues to accumulate information in vast computer databases and has increased the number of people granted access to classified material to nearly 5 million.
Administration officials say the program could help ensure that agencies catch a wide array of threats, especially if employees are properly trained in recognizing behavior that identifies potential security risks.
If this is done correctly, an organization can get to a person who is having personal issues or problems that if not addressed by a variety of social means may lead that individual to violence, theft or espionage before it even gets to that point, said a senior Pentagon official, who requested anonymity because he wasnt authorized to discuss the issue publicly.
Manning, for instance, reportedly was reprimanded for posting YouTube messages describing the interior of a classified intelligence facility where he worked. He also exhibited behavior that could have forewarned his superiors that he posed a security risk, officials said.
Jonathan Pollard, a former U.S. Navy intelligence analyst sentenced in 1987 to life in prison for spying for Israel, wasnt investigated even though hed failed polygraph tests and lied to his supervisors. He was caught only after a co-worker saw him leave a top-secret facility with classified documents.
If the folks who are watching within an organization for that insider threat the lawyers, security officials and psychologists can figure out that an individual is having money problems or decreased work performance and that person may be starting to come into the window of being an insider threat, superiors can then approach them and try to remove that stress before they become a threat to the organization, the Pentagon official said.
The program, however, gives agencies such wide latitude in crafting their responses to insider threats that someone deemed a risk in one agency could be characterized as harmless in another. Even inside an agency, one managers disgruntled employee might become anothers threat to national security.
Obama in November approved minimum standards giving departments and agencies considerable leeway in developing their insider threat programs, leading to a potential hodgepodge of interpretations. He instructed them to not only root out leakers but people who might be prone to violent acts against the government or the nation and potential espionage.
The Pentagon established its own sweeping definition of an insider threat as an employee with a clearance who wittingly or unwittingly harms national security interests through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions resulting in loss or degradation of resources or capabilities.